[OpenAFS] AFS / kerberos authentication on AIX, core-dumping?

[Forrest D. Whitcher]

More problems, in trying to get AFS working over vanilla kerberos.

I *think* I know what's going on, but no idea how to solve it

Immediate snafu:

Manual says install to login.cfg:
DCE:
        program = /usr/vice/etc/afs_dynamic_kerbauth

afs_dynamic_kerbauth, however, core-dumps?? I *think* this is
because I'm using MIT Kerberos, not the built-in DCE. Is that
likely the problem?

I can get around that, by simply authenticating to K5, assuming
I can migrate the kaserver database to K5 (&krb524d).

Larger snafu:

Still don't want to use DCE on the aix box, 'cause that would 
preclude being able to rely on the linux KDCs for failover 
of the aix box which is the master KDC.

All of the application notes I've found for integrating AFS with
MIT kerberos are dated '98 or earlier and use patches to K5 1.1x,
most of which seem to have been incorporated in K5 1.2.2.

>From the reading I think maybe all I need to do is migrate the
kaserver principals to krb5, (using 'afs' salt?) If so I'd be
able to just run 'kinit' to get tickets to AFS.

Does this sound reasonable?

forrest


-- 
Forrest Whitcher    Principal      FW Systems 
617.254.3506                       fw@fwsystems.com                 
fw@world.std.com                   6174803245@mobile.att.net
Information systems consulting     http://www.fwsystems.com